Behavioral task
behavioral1
Sample
028fca1a10a71aeb2f16447136f988340a63c7f6b21f09efdbd2213825b90c46.exe
Resource
win7-20241010-en
General
-
Target
028fca1a10a71aeb2f16447136f988340a63c7f6b21f09efdbd2213825b90c46
-
Size
86KB
-
MD5
c70b8c3f82b667074e4745533be6d33f
-
SHA1
b9820279fe58c2e81c81b9aaea195406bd1bc309
-
SHA256
028fca1a10a71aeb2f16447136f988340a63c7f6b21f09efdbd2213825b90c46
-
SHA512
223477a83f93b0eb4c086bd08b902078780312c352b729a7c6b41fbede6a8f1290f3bf3a8f3928bf7d10b6a3cdaf9641184c44ee57cf3c8da7a69264d5b5ab57
-
SSDEEP
1536:dIvBmBx0OKqE9RQ3K7D8GSjtGY5jBWlhWegFvTx0CmuJd4BXac6F:dIvBmBGNG3KkGEtBnWfzgFVBbd4InF
Malware Config
Extracted
gozi
Signatures
Files
-
028fca1a10a71aeb2f16447136f988340a63c7f6b21f09efdbd2213825b90c46.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 168KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 55KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE